Author Topic: Found a false positive - should I send the file to someone here?  (Read 2376 times)

camer0n

  • Guest
 Was running some tests with Avast Home Edition
 Program: 4.7.892
 VPS: 0641-3

 And came across what seems to be a false-positive on an admittedly dodgy file.
 
 Here are the full test results with VirusTotal:

 Complete scanning result of "keygen.exe", received in VirusTotal at 10.12.2006, 19:14:52 (CET).

Antivirus   Version   Update   Result
AntiVir   7.2.0.30   10.12.2006   no virus found
Authentium   4.93.8   10.12.2006   no virus found
Avast   4.7.892.0   10.12.2006   Win32:Trojan-gen. {Other}
AVG   386   10.12.2006   no virus found
BitDefender   7.2   10.12.2006   no virus found
CAT-QuickHeal   8.00   10.12.2006   (Suspicious) - DNAScan
ClamAV   devel-20060426   10.12.2006   no virus found
DrWeb   4.33   10.12.2006   no virus found
eTrust-InoculateIT   23.73.20   10.11.2006   no virus found
eTrust-Vet   30.3.3129   10.12.2006   no virus found
Ewido   4.0   10.12.2006   no virus found
Fortinet   2.82.0.0   10.12.2006   suspicious
F-Prot   3.16f   10.12.2006   no virus found
F-Prot4   4.2.1.29   10.12.2006   no virus found
Ikarus   0.2.65.0   10.12.2006   no virus found
Kaspersky   4.0.2.24   10.12.2006   no virus found
McAfee   4872   10.12.2006   no virus found
Microsoft   1.1603    10.12.2006   no virus found
NOD32v2   1.1800   10.12.2006   no virus found
Norman   5.80.02   10.12.2006   no virus found
Panda   9.0.0.4   10.12.2006   no virus found
Sophos   4.10.0   10.05.2006   Mal/Packer
TheHacker   6.0.1.096   10.11.2006   no virus found
UNA   1.83   10.12.2006   no virus found
VBA32   3.11.1   10.12.2006   no virus found
VirusBuster   4.3.7:9   10.12.2006   no virus found

Aditional Information
File size: 33904 bytes
MD5: 646e68da693a636a6b2b51b506e8aaa5
SHA1: f508a31f6aa586986875d9489e4ea7b450748d41
packers: FSG
packers: FSG
 
 Is anyone from Avast interested to analyse the (dodgy) file, or is it unimportant?

 Thanks

 

Offline Bluesman

  • Avast Evangelist
  • Advanced Poster
  • ***
  • Posts: 926
  • Amiga Power!
"The blues are the roots, everything else is the fruits" -Willie Dixon

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89029
  • No support PMs thanks
Re: Found a false positive - should I send the file to someone here?
« Reply #2 on: October 12, 2006, 08:12:55 PM »
What was the location of this file, e.g. (C:\windows\system32\infected-file-name.xxx)?

Also see, (Mini Sticky) False Positives, how to report and what to do to exclude them until the problem is corrected.

Since a number of other AVs also detect it as either suspicious or another malware name, I have to wonder, perhaps it is the nature of key generators. These are often downloaded from dubious sites (why might you want to download a key generator?) and frequently come with an unwanted gift/trojan.

As you say "Is anyone from Avast interested to analyse the (dodgy) file, or is it unimportant?" perhaps you need to find what it came with.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.3.6108 (build 24.3.8975.762) UI 1.0.801/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security